- Videos: 43
- Views: 291,983
Security in Action 101
India
Joined 13 Dec 2017
Welcome to Security in Action 101!
This channel will publish videos on Identity & Access Management. This includes an overview of the various identity protocols like SAML, OAuth, OpenID Connect as well as videos on how to learn these protocols by configuring sample applications using AWS services as well as other Identity providers like Okta, AzureAD, Auth0 etc.
You can view my blogs in awskarthik82.medium.com/
Subscribe here 👉🏻 bit.ly/securityinaction101
How to integrate Java Spring Boot application with Google sign-in using OIDC?
This video explains how to integrate a Java Spring Boot application with Google using OpenID Connect (OIDC) protocol.
Google | OpenID Connect | Java Spring Boot
#identity #iam #security #sso #oidc #idtoken #spring #springboot #openidconnect #java #javaprogramming #javasecurity #springsecurity #springbootsecurity #singlesignon #sso #google #googleoauth2 #googleoidc #signinwithgoogle
Views: 2,055
Videos
How to integrate Java Spring Boot application with Keycloak using OIDC?
3.6K views, 7 months ago
This video explains how to integrate a Java Spring Boot application with Keycloak using OpenID Connect (OIDC) protocol. Keycloak | OpenID Connect | Java Spring Boot #identity #iam #security #sso #oidc #idtoken #spring #springboot #openidconnect #java #javaprogramming #javasecurity #springsecurity #springbootsecurity #singlesignon #sso #keycloak #redhat #redhatacademy #rhsso #redhatsso
How to integrate Java Spring Boot application with Auth0 using OIDC?
3.1K views, 8 months ago
This video explains how to integrate a Java Spring Boot application with Auth0 using OpenID Connect (OIDC) protocol. Auth0 | OpenID Connect | Java Spring Boot #identity #iam #security #sso #oidc #idtoken #okta #spring #springboot #openidconnect #java #javaprogramming #javasecurity #springsecurity #springbootsecurity #singlesignon #sso #auth0
How to integrate Java Spring Boot application with Okta using OIDC?
8K views, 9 months ago
This video explains how to integrate a Java Spring Boot application with Okta using OpenID Connect (OIDC) protocol. Okta | OpenID Connect | Java Spring Boot #identity #iam #security #sso #oidc #idtoken #okta #spring #springboot #openidconnect #java #javaprogramming #javasecurity #springsecurity #springbootsecurity #singlesignon #sso
How to secure SpringBoot REST APIs using Auth0 OAuth2 scopes?
6K views, 10 months ago
This video explains how to build a SpringBoot application from scratch and secure the APIs using the Auth0 OAuth2 scopes. It uses the OAuth 2.0 client credentials grant to get access token from Auth0 and use that access token to call the SpringBoot APIs. #identity #iam #security #sso #oidc #idtoken #spring #springboot #openidconnect #java #javaprogramming #javasecurity #springsecurity #oauth #o...
How to secure SpringBoot REST APIs using AzureAD B2C OAuth2 scopes?
4.2K views, 10 months ago
This video explains how to build a SpringBoot application from scratch and secure the APIs using the AzureAD B2C OAuth2 scopes. It uses the OAuth 2.0 client credentials grant to get access token from AzureAD B2C and use that access token to call the SpringBoot APIs. Documentation referred : SpringBoot Security : docs.spring.io/spring-security/reference/servlet/oauth2/resource-server/jwt.html Az...
How to secure SpringBoot REST APIs using AWS Cognito OAuth2 scopes?
7K views, 10 months ago
This video explains how to build a SpringBoot application from scratch and secure the APIs using the AWS Cognito OAuth2 scopes. It uses the OAuth 2.0 client credentials grant to get access token from AWS Cognito and use that access token to call the SpringBoot APIs. #identity #iam #security #sso #aws #amazonwebservices #oidc #idtoken #spring #springboot #openidconnect #java #javaprogramming #ja...
How to integrate two AWS Cognito user pools using OIDC?
2.1K views, 11 months ago
This video explains how to add one AWS Cognito user pool as an OIDC identity provider in another AWS Cognito user pool. This can be useful when your organization uses AWS Cognito as the identity provider and your customer also uses AWS Cognito as identity provider. #identity #iam #security #sso #aws #amazonwebservices #oidc #cognito #awscognito #amazoncognito #openidconnect #federation
How to integrate AWS Cognito with Facebook Social Login?
3.4K views, 11 months ago
This video is a step-by-step guide to add Facebook as a social identity provider in AWS Cognito service. It uses the OpenID Connect (OIDC) protocol. After you complete this setup, you should be able to allow Facebook users to access your client application that is integrated with AWS Cognito. #openid #identity #iam #security #sso #aws #amazonwebservices #cognito #facebook #awscognito #amazoncog...
How to integrate Java Spring Boot application with AzureAD using OIDC?
12K views, 1 year ago
This video explains how to integrate a Java Spring Boot application with AzureAD using OpenID Connect (OIDC) protocol. AzureAD | OpenID Connect | Java Spring Boot #identity #iam #security #sso #aws #amazonwebservices #oidc #idtoken #azureactivedirectory #spring #springboot #openidconnect #java #javaprogramming #javasecurity #springsecurity #azure #azuread #azureactivedirectory
How to integrate Java Spring Boot application with AWS Cognito using OIDC?
11K views, 1 year ago
This video explains how to integrate a Java Spring Boot application with AWS Cognito using OpenID Connect (OIDC) protocol. AWS Cognito | OpenID Connect | Java Spring Boot #identity #iam #security #sso #aws #amazonwebservices #oidc #cognito #awscognito #amazoncognito #idtoken #azureactivedirectory #spring #springboot #openidconnect #java #javaprogramming #javasecurity #springsecurity #cognito
How to customize ID token in AWS Cognito using Pre token generation Lambda trigger?
2.9K views, 1 year ago
This video explains how to customize an ID token generated by AWS Cognito user pool. This can be used in multi-tenant use cases. *Prerequisite* You must configure AzureAD as the Identity provider (OIDC or SAML) before following the configuration steps in this video. Please follow the instructions in below videos to configure AzureAD as a SAML or OIDC Identity provider in AWS Cognito : ruclips.n...
How to add PingFederate as a SAML Identity Provider in AWS Cognito?
1.7K views, 1 year ago
This video explains the steps to add PingFederate as a SAML Identity Provider in AWS Cognito. #identity #iam #security #sso #aws #amazonwebservices #saml #pingidentity #pingfederate #cognito #awscognito #amazoncognito
How to integrate Google Sign-in with your Web Application?
3.7K views, 1 year ago
This video explains how to configure Google sign-in for your web application, i.e. to allow users who have a Gmail account to access your application. #oidc #openid #openidconnect #security #google #googlesignin #gmail
How to add Keycloak as a OIDC Identity Provider in AWS Cognito?
3.4K views, 1 year ago
How to integrate AzureAD B2C with AWS API Gateway JWT Authorizer?
4K views, 1 year ago
How to configure OAuth 2.0 client credentials flow in Azure Active Directory B2C?
10K views, 1 year ago
How to add ForgeRock AM as a SAML Identity Provider in AWS Cognito?
1.3K views, 1 year ago
How to add Keycloak as a SAML Identity Provider in AWS Cognito?
4.9K views, 1 year ago
How to add Microsoft Azure AD as a OIDC Identity Provider in AWS Cognito?
8K views, 1 year ago
How to add Auth0 as a SAML Identity Provider in AWS Cognito?
4.1K views, 1 year ago
How to add Microsoft Azure AD as a SAML Identity Provider in AWS Cognito?
18K views, 1 year ago
How to add Okta as a OIDC Identity Provider in AWS Cognito?
7K views, 1 year ago
How to add Okta as a SAML Identity Provider in AWS Cognito?
7K views, 2 years ago
How to integrate AWS Cognito with Google Social login?
22K views, 2 years ago
How to setup OpenID Connect Authorization code grant flow using AzureAD?
6K views, 2 years ago
How to integrate Auth0 with AWS API Gateway JWT Authorizer?
7K views, 2 years ago
How to setup Single Sign-on between AWS IAM Identity Center (AWS SSO) & NodeJS SAML Application?
8K views, 2 years ago
How to setup Single Sign-on between AWS IAM Identity Center (AWS SSO) & Java Web App using SAML?
3.4K views, 2 years ago
How to setup OpenID Connect Authorization code grant flow with PKCE using AWS Cognito?
4.9K views, 2 years ago
Thanks for sharing, but have you tested getting the refresh token in ALB and Auth0?
I don't remember testing with Auth0. I remember testing with Cognito and it worked fine. We can't validate if ALB is getting the refresh token. But, you can check the Auth0 logs to see if token endpoint is getting called by ALB after the access token expires. Please like, subscribe & share this video / channel !! Thanks in advance.
5:38 is where the fun starts
what is the purpose of step 7 ?
Are you referring to /oauth/token endpoint call?
I am getting unable to resolve configuration with the provided issuer of "" error. Can you help me with this error?
Looks like somewhere the configuration specifies issuer as empty string. Is this error thrown during SpringBoot server start process?
@securityinaction1018 I am getting this error when I try to hit the URL in Postman to getuser with token
It's difficult to debug without seeing the issue. I am not sure where the issue is happening. You can enable debug logs in SpringBoot app and see if you can find any details there
@securityinaction1018 I tried debugging the application.. but that's not possible… whenever I hit the localhost URL in Postman I am getting a 401 error and in the logs I can see JwtDecoderInitializationException: Failed to lazily resolve the supplied JwtDecoder instance
Ok. If it is ok with you, post the spring application.yaml file configuration here. I think something might be wrong in that config.
When adding the use case, why choose "Other" instead of "Allow people to log in with their Facebook accounts"?
Can you point the exact time in the video where it is mentioned? I can check and let you know
@securityinaction1018 9:01
Ok, I tried it again. If you select "Allow people to log in with their Facebook accounts" instead of "Other", it doesn't support OAuth2 login which is required for Cognito integration. I think "Allow people to log in with their Facebook accounts" is for apps which directly integrate with Facebook login without any middle layer like Cognito.
@securityinaction1018 Ahh, that explains the issues I've been having. Thank you so much!
Glad it worked!! Please like, subscribe & share this video / channel !! Thanks in advance.
Thank you for the wonderful video. Is it possible to include the group name to which the user on the Azure side belongs in the jwt token?
I have not tried it. But looks like it is possible as per this docs learn.microsoft.com/en-us/security/zero-trust/develop/configure-tokens-group-claims-app-roles Please like, subscribe & share this video / channel !! Thanks in advance.
Thank you for the video: Can you please point me in the correct direction for authenticating a user logging in using a 3rd party identity provider, Google (or Facebook) for example. This is what I have achieved so far: * Users can sign up using email/password. * A user can choose Google as authenticator. In the case where a user logs in using Google I have these steps implemented on the backend (in Python using google.oauth2 and google_auth_oauthlib): 1) generate_google_login_url (the URL is passed to the user's browser to accept) 2) google_fetch_token (exchange the code for a token) 3) google_verify_token (verify and get back user's email) 4) check_user_exists (check if user already in Cognito) IF NOT: then create_user with email + link_user_to_cognito with "Google" cognito_sub provider_sub Now my next step is to log the user in. I do not have a password. What flow do I use? How does Cognito know that this is a Google user?
Outstanding, really outstanding helpful video. Thank you.
Glad it was helpful! Please like, subscribe & share this video / channel !! Thanks in advance.
Thank you for awesome video :)
Welcome!! Please like, subscribe & share this video / channel !! Thanks in advance.
Best intro I found. Thank you so much!
You're welcome! Please like, subscribe & share this video / channel !! Thanks in advance.
Perfect timing, please share the Github repos too for future videos, it would be awesome
Sure. Please like, subscribe & share this video / channel !! Thanks in advance.
How can I create dynamic user id ?
Can you elaborate the question? What is dynamic user ID?
Thank you so much
You're most welcome!! Please like, subscribe & share this video / channel !! Thanks in advance.
How can I use it for APIs
This is for browser based flows i.e. authenticating a Auth0 user through Cognito using SAML federation. Can you elaborate what do you mean by using it for APIs?
@securityinaction1018 I would like to authenticate and authorize API usage
This video might be useful. It is just for reference. If you are using API GW service, it will be a different setup. ruclips.net/video/66rCfs-3egI/видео.html - How to secure SpringBoot REST APIs using Auth0 OAuth2 scopes? ruclips.net/video/7zyhENQRb7c/видео.html - How to secure SpringBoot REST APIs using AWS Cognito OAuth2 scopes?
Do you have a video explaining the use of Azure AD as OIDC provider in Cognito for OAuth client-credentials flow?
You cannot integrate AzureAD with Cognito using OAuth client credentials flow. Since it is OIDC, it supports only authorization code grant flow. Please like, subscribe & share this video / channel !! Thanks in advance.
@securityinaction1018 I thought so too.. thank you for the confirmation. Thanks to AWS marketing buzz where in devil lies underneath :-D
:) Welcome. If you can explain your use case, I can try my best to help.
@securityinaction1018 We want to expose an existing API and manage it in an API management platform. Unfortunately AWS API GW is suggested 😅. So we want to protect the API endpoints (expose them to internal applications, so REST API is the choice) & security compliance is to use Azure AD to maintain users, groups, app registrations for M2M use cases.. In this context I ended up in the hands of Cognito ..
Ok. If you want to use a AzureAD M2M client_credentials token for securing APIs hosted in AWS API GW, you can either use custom authorizer or JWT authorizer. JWT authorizer supports only HTTP APIs docs.aws.amazon.com/apigateway/latest/developerguide/http-api-jwt-authorizer.html
You got another subscriber, I love bro hahaha you saved me literally! How can I invite you a coffee?
Welcome aboard! Thank you :)
Perfect vid, I wonder if this works with JDK 21 and Spring Boot 3.2.3
I have not tried with these specific versions. But, I guess it should work as long as Spring didn't change any of those OIDC related configurations
How can I integrate with SecureAuth?
I have not worked on SecureAuth. I will try to post a video in future.
Thanks for the response. I will be waiting for the video
what if we are not using hosted UI? how will we get domain name?
Domain cannot be configured without enabling Hosted UI.
You just help me immensely with a current issue! ❤
Glad it helped!! Please like, subscribe & share this video / channel !! Thanks in advance.
How to set custom claims?
I have not tried it myself. You can check this doc learn.microsoft.com/en-us/entra/identity-platform/optional-claims?tabs=appui I will try to post a video in future once I find the solution. Thanks for subscribing!!
What is the difference between Azure AD B2C and Entra ID in configuration? And which one should I use? Thank you
Here are some links which will clear the confusion : learn.microsoft.com/en-us/answers/questions/1556632/confusion-around-azure-ad-b2c-vs-microsoft-entra-e learn.microsoft.com/en-us/entra/external-id/customers/faq-customers#is-microsoft-entra-external-id-a-new-name-for-azure-ad-b2c Please like, subscribe & share this video / channel !! Thanks in advance.
Hello. What if I want getUser for one user and GetUser, CreateUser for another user? Can I achieve this using the same app client?
This video uses client credentials grant which is not user specific. For user based authorization, you need to use authorization code grant, get access tokens and use those access tokens for accessing the APIs. Please like, subscribe & share this video / channel !! Thanks in advance.
@securityinaction1018 Is any tutorial present regarding user-specific scopes configuration? I wanted scopes at user level and not at app client level
Hello. What if I want getuser scope for one user and getuser, writeuser for another user? Can I achieve this using the same App client?
This video uses client credentials grant which is not user specific. For user based authorization, you need to use authorization code grant, get access tokens and use those access tokens for accessing the APIs. Please like, subscribe & share this video / channel !! Thanks in advance.
Great Video. Thanks!
Glad you liked it! Please like, subscribe & share this video / channel !! Thanks in advance.
Please provide uses of this jwt authorizer configuration
You can check this blog aws.amazon.com/blogs/security/how-to-secure-api-gateway-http-endpoints-with-jwt-authorizer/
can you please lead me to a resource or links if I want to follow up with your tutorial but I want multi-tenancy where I have multiple realms and I select those realms based on tenant name and then it takes me to their particular realm login screen.
I have not tried that. In case I get a chance to do a POC, will surely post a video.
Thanks for the vid! Help me out. Got SSO working. QQ...how can I set a permissible group of users to have access from Entra ID (Azure Active Directory)? In other words, I only want a subset of my directory to have permissions to my sso enabled site.
Glad it worked! Please follow these instructions to assign the app to only certain users /groups learn.microsoft.com/en-us/entra/identity-platform/howto-restrict-your-app-to-a-set-of-users#update-the-app-to-require-user-assignment Please note that group assignment is available only for certain plans and not for free developer account. Please like, subscribe & share this video / channel !! Thanks in advance.
Could you please add time stamps to this video?
Sorry, I am not aware of that. If you can share any websites on how it needs to be done, I will surely take a look.
@securityinaction1018 I'd recommend googling "how to add timestamps to youtube video" and it'll teach you how. Thanks for the video again! Helped a lot.
Glad it helped. Sure, will check it out. Please like, subscribe & share this video / channel !! Thanks in advance.
hello Getting output in this manner Sending AnonymousAuthenticationToken [Principal=anonymousUser, Credentials=[PROTECTED], Authenticated=true, Details=WebAuthenticationDetails [RemoteIpAddress=*******, SessionId=************], Granted Authorities=[ROLE_ANONYMOUS]] to authentication entry point since access is denied
I am not sure what is really happening since it is difficult to find out without debugging. Maybe the user credentials that you are using are not assigned to that particular Okta application. But, I am not 100% sure.
Thank you so much! it was really helpful!
Glad it helped! Please like, subscribe & share this video / channel !! Thanks in advance.
Great job, thank you for the tutorial!
Glad it was helpful! Please like, share & subscribe to this channel!
Can you make a video of connecting Keycloak to Owncloud please? Thanks
I am sorry that I don't have knowledge on Owncloud.
Great video. I am getting the following exception when adding the issues found in the token: "Caused by: java.lang.IllegalArgumentException: Unable to resolve the Configuration with the provided Issuer of: registeredDomain/{tenantId}/v2.0/"
It looks like a wrong issuer. registeredDomain/{tenantId} are placeholders. You need to replace that with the actual values. Please like, subscribe & share this video / channel !! Thanks in advance.
Great video! Is it possible to use this client credentials configuration to read e-mails from personal accounts (outlook, hotmail)? If not, do you know the best way to read e-mails from personal accounts, in a backend-only system (without UI), now that Microsoft is deprecating basic authentication?
Thank you!! I don't have much knowledge on how to read emails from Microsoft personal accounts. I have done some POCs on reading emails from GMail accounts. I am assuming it should be similar in MS. Basically, you need OpenID Connect flow to get ID token, access token for a particular user and the access token should have the scopes to read emails. Please like, subscribe & share this video / channel !! Thanks in advance.
How can I generate token from Postman using okta OAuth 2.0?
Do you want to generate a token using client_credentials grant or authorization code grant? Please like, subscribe & share this video / channel !! Thanks in advance.
@securityinaction1018 I want to try both client_credentials and authorisation code.
How can I get the role of a user? For example, I have created user: Jon, and his role is admin. How can I get this role?
You can refer this on how to add roles as a claim to the access token documentation auth0.com/docs/get-started/apis/enable-role-based-access-control-for-apis Please like, subscribe & share this video / channel !! Thanks in advance.
I don't know why your videos have less views. Have been learning from youtube since 15 years but never found anyone creating POCs by referring to the actual documentations. Your approach really gives a lot of confidence! Needless to mention that the topics you cover are really difficult to find elsewhere. Great content!
Thank you so much !! I will keep trying my best to post quality videos. Please like, subscribe & share this video / channel !! Thanks in advance.
What if the user wanted to automatically log in when he is logged in to the AWS console? What more configuration is needed?
Can you elaborate your question? AWS console login is different from AWS IAM Identity Center login because both have different login pages and credentials.
@securityinaction1018 Like, I have a React application login; once I log in using AWS login and open the AWS console, it should auto sign in, and vice versa.
AMAZING explanation! Showing first the overview and then going through each single step required with actual testing to see how it works. I need to do this kind of integration and this video is just gold to me. Thank you!
Thank you. Glad it was helpful! Please like, subscribe & share this video / channel !! Thanks in advance.
Your content is excellent! Appreciate your work very much. I had a question - Let's say if I have 100 microservices under an app portfolio, would I need to just register at a portfolio level and get one registration id, one client id and secret pair, and then use the same in all the 100 microservices property file to generate access token? What would be your best practice to do this with regards to api to api calls between those 100 services?
This video talks about web integration using OIDC protocol. If I am not wrong, the use case that you described refers to a client app calling 100 microservices. Is it one client app calling 100 services?
@securityinaction1018 Sorry, I have been watching many of your videos and was generic here with regards to the question. I am not talking about web integration with OIDC. I was asking about API to API inter-service calls using an access token based authorization such as Okta. Do I need separate client ID, client secret for all? Or if all the 100 services are under an app portfolio, is it fine to create one pair and reuse?
Firstly, you need to identify whether all these are internal or external facing APIs. You can have different strategies depending on that. Assuming all are external facing APIs, it is always recommended to have separate client ID / secret for each client. The main reason for that is let's say one of the client ID / secret got leaked to a hacker and you are planning to reset the client secret, all the client apps have to be modified which will cause a downtime. However, please note that there might be some limit on number of applications that you can create in Okta. Please check with Okta support.
@securityinaction1018 Thanks!
This is perfect. Thanks a lot. I would request one video where an integration to Google/FB sign-up sign-in is made through Cognito and integration of Federation providers to Spring Boot is explained.
Glad it helped! I will surely post a video. But, for now, you can refer the below videos to get an idea of how it might work : ruclips.net/video/o2IM9oI6Eqk/видео.html - How to integrate Java Spring Boot application with AWS Cognito using OIDC? ruclips.net/video/QEtP385kSUc/видео.html - How to integrate AWS Cognito with Facebook Social Login? ruclips.net/video/7r0eBNBNEZ8/видео.html - How to integrate AWS Cognito with Google Social login? ruclips.net/video/NeeKN8IpyOY/видео.html - How to integrate Java Spring Boot application with Google sign-in using OIDC?
Instead of Cognito I want to do this integration for QuickSight. How can I do that part?
If you are referring to AWS QuickSight, I see some documentation here docs.aws.amazon.com/quicksight/latest/user/external-identity-providers.html. I have not tried this. Once I work on this, will post a video about this.
Only video which serves its purpose. All steps worked 100%. Thanks for simple explanation.
Glad it helped!! Please like, subscribe & share this video to support this channel !! Thanks in advance.
How to get rid of the page at 22:09? It's ugly and completely unnecessary.
You can customize the login page as per Spring docs. I have not tried that.
have you posted any videos for the basics? like , what is SAML, what is OAuth, claims, assertion and all the basic concepts?
You can check out some videos on OAuth basics. But, I don't have a detailed video on OAuth, OIDC or SAML basics. I wanted to post a series of videos. I will try to work on that in future. Please like, subscribe & share this video to support this channel !! Thanks in advance.
Good video - One quick question, in step-4 said that the token will get validated... how and where the token will get validated ?
All these validations are taken care by SpringBoot security classes. You can customize this which is generally not required. Refer this documentation for more details : docs.spring.io/spring-security/reference/servlet/oauth2/login/advanced.html#oauth2login-advanced-idtoken-verify Please like, subscribe & share this video to support this channel !! Thanks in advance.
Thanks for tutorial man.A big thanks
Welcome! Please like, subscribe & share this video to support this channel !! Thanks in advance.
Sir good video , just one request could you increase video audio
Thanks for the feedback. I will try my best to keep improving the quality of audio & video. Please like, share & subscribe to support this channel.
how to change "exp" jwt claim in azure entra ID
You can try changing the token lifetime as mentioned here learn.microsoft.com/en-us/entra/identity-platform/configurable-token-lifetimes and that should change the exp claim accordingly. I have not tried that. But, I think it should work. Please like, subscribe & share!! Thanks in advance.